Email causing MailScanner to go defunct.

Steve Campbell campbell at cnpapers.com
Fri Jan 23 15:29:57 GMT 2009



shuttlebox wrote:
> On Fri, Jan 23, 2009 at 3:12 PM, Kai Schaetzl <maillists at conactive.com> wrote:
>   
>> Glenn Steen wrote on Fri, 23 Jan 2009 14:34:54 +0100:
>>
>>     
>>> Look at the setting "Max Spam Check Size", and the comment above it.
>>> This is actually quite normal, it seems to me;-). If it bothers you,
>>> up the limit a bit and see what happens.
>>>       
>> I don't see where it says "won't scan at all". However, the error message
>> implies that: "too big for spam checks". I would have *never* assumed that
>> such a message gets not scanned *at all*. I expect that for such a message
>> the first x bytes are handed over to SA. Like it is done with procmail.
>> So, what's correct? Is it skipped or not?
>>     
>
> It's the maximum size when to spam check, pretty clear to me. :-)
> Really large message are rarely spam so load can be reduced by
> skipping them. The feature you're referring to is to speed up what's
> actually checked because, say 50k, is usually enough to determine if
> it's spam or not.
>
> I check the first 50k but skip if it's above 200k.
>
>   

I have to disagree with the "Really large message are rarely spam" part 
nowadays as I'm seeing spam coming in around 300K-400k fairly regularly. 
I work at a newspaper, and ads are sent in through email all the time. I 
have to allow larger emails due to the fact that most smaller 
advertisers are just local small businesses and they aren't aware of FTP 
and the like.The one-time advertisers aren't around long enough to 
inform them properly.

If I were to lower the size restrictions, the spam just flows on through 
cleanly with a score of 0, so I raise it, and of course, the load on the 
machine suffers because it has to scan the larger spams.

steve



More information about the MailScanner mailing list